Cyber Posture

CVE-2024-47572

Critical

Published: 14 January 2025
Modified: 16 July 2025
KEV Added:
Patch:
CVSS Score: 9.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0074 (72.9th percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

An improper neutralization of formula elements in a CSV file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows an attacker to execute unauthorized code or commands by manipulating a CSV file.

Security Summary

CVE-2024-47572 is a vulnerability involving improper neutralization of formula elements in a CSV file within Fortinet FortiSOAR versions 7.2.1 through 7.4.1. The issue is classified as CWE-1236 (Improper Neutralization of Formula Elements in a CSV File) and enables an attacker to execute unauthorized code or commands by manipulating a CSV file. Published on 2025-01-14, it carries a CVSS v3.1 base score of 9.0 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H); the critical rating reflects network accessibility, low attack complexity, and high impact on confidentiality, integrity, and availability.

An attacker with low privileges can exploit this vulnerability remotely by crafting a malicious CSV file. Exploitation requires user interaction, such as opening or processing the file within FortiSOAR. On success, the attacker achieves high confidentiality, integrity, and availability impacts beyond the vulnerable component's own scope, potentially leading to arbitrary code execution and full compromise of the FortiSOAR instance.
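The weakness class behind this CVE, CWE-1236, is CSV content that a spreadsheet application interprets as a formula when a cell begins with a trigger character. The following added example (not FortiSOAR or Fortinet code, and not taken from the advisory) shows the defensive handling a platform that exports or ingests CSV would apply: an audit function that flags formula-like cells in untrusted CSV input, and a sanitizer that rewrites them so a spreadsheet treats them as literal text. The trigger-character list and the sample CSV are assumptions constructed for the example.

```python
"""Added example: detecting and neutralizing formula elements in CSV cells.

Not FortiSOAR code. Implements the commonly recommended CWE-1236 handling:
flag cells that start with a spreadsheet formula trigger, and prefix them
with a single quote so the cell is read as text rather than evaluated.
"""
import csv
import io

# Characters that cause common spreadsheet applications to interpret a cell
# as a formula when they appear at the start of the cell (assumed list).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(cell: str) -> bool:
    """True if a spreadsheet would treat the cell as a formula."""
    return cell.startswith(FORMULA_TRIGGERS)


def neutralize_cell(cell: str) -> str:
    """Prefix a formula-like cell with a single quote so it stays literal text.

    Trade-off: a negative number such as "-5" also gets the prefix and is
    then displayed as text; callers that know a column is numeric can skip
    neutralization for that column.
    """
    if is_formula_like(cell):
        return "'" + cell
    return cell


def audit_csv(text: str) -> list:
    """Return (row, column, value) for every formula-like cell in CSV text.

    Intended as a detection step before a CSV from an untrusted source is
    stored, shown to an analyst, or handed to a spreadsheet application.
    """
    findings = []
    for r, row in enumerate(csv.reader(io.StringIO(text))):
        for c, cell in enumerate(row):
            if is_formula_like(cell):
                findings.append((r, c, cell))
    return findings


def sanitize_csv(text: str) -> str:
    """Rewrite CSV text so no cell starts with a formula trigger character.

    Every field is double-quoted on output so the single-quote prefix and any
    embedded delimiters survive the round trip through the CSV writer.
    """
    out = io.StringIO()
    writer = csv.writer(out, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in csv.reader(io.StringIO(text)):
        writer.writerow([neutralize_cell(cell) for cell in row])
    return out.getvalue()


# Constructed sample export: two cells begin with formula trigger characters.
SAMPLE_CSV = (
    "indicator,note\n"
    "203.0.113.5,benign host\n"
    "=2*3,looks like a formula\n"
    "@SUM(1),also formula-like\n"
)

if __name__ == "__main__":
    for r, c, v in audit_csv(SAMPLE_CSV):
        print(f"row {r} col {c}: {v!r}")
    print(sanitize_csv(SAMPLE_CSV))
```

Running the block prints the two flagged cells (rows 2 and 3, column 0) and then the sanitized CSV, in which those cells start with a single quote and every field is double-quoted. The audit function is the piece to wire into an upload or export path as a detection control; the sanitizer is the mitigation.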

The Fortinet advisory at https://fortiguard.fortinet.com/psirt/FG-IR-24-210 provides details on mitigation and patches for this vulnerability.

Details

CWE(s)
CWE-1236

Affected Products

fortinet
fortisoar
7.2.1 — 7.2.2 · 7.3.0 — 7.3.3 · 7.4.0 — 7.4.2
